How to Protect yourself from Embedded documents in PDF files that can easily infect you

Share This with your friends and contacts. Help THEM to stay safe:

We have recently been seeing a newer method of infecting you by embedding macro enabled word docs and other macro enabled office files particularly Excel XLS into pdf files. To all intents and purposes these PDF files look quite innocent and will normally be an almost blank page with 1 line of text. These started off delivering Locky Ransomware then switched to Jaff ransomware and Dridex banking Trojan. Over the last week or so, since 6th or 7th June 2017 they have now added delivering Trickbot banking Trojan via this method as well.

Step2. Select all addons in the drop down, look for Adobe PDF reader and then press the disable button.

That way any PDF you receive will only open in Adobe reader itself and not in your browser, so cutting down the risk of any exploit infecting you.

Google Chrome

Please read HERE and enable the Download PDF files instead of opening them in Chrome option

Firefox see HERE and select use Adobe Reader ( default) or the alternative PDF reader you have installed.

Previewing PDFs in a browser is just too dangerous to take a risk with the current exploits and it is much safer to view them in the application itself which should be sand-boxed to prevent exploits slipping out.

Once you have safer settings set in Adobe reader, you are extremely unlikely to infect yourself with this sort of malware.

Trying to open a PDF with embedded content will give you this

and you can see that you cannot open or save the embedded word document so stopping you from being infected, even though you can see the word doc listed in left hand side bar

First Open Adobe reader, on the top menu bar select Edit then Preferences. This contains all the settings you need to change to make sure that this and other similar types of malware cannot infect you.

First turn off Adobe JavaScript.

The majority of time, you don’t need JavaScript enabled. On the odd occasion that you need it to fill in forms from Governments, employers, Tax etc. you can re-enable it for that single use.

Next enable Adobe Protected Mode and Enhanced Security. This blocks most features in Adobe reader to stop anything auto opening or running. It prevents you saving or opening attachments or embedded objects like video or sound ( why anyone would want music or video in a PDF is beyond me though.) Next and the most important in preventing embedded objects from being used maliciously